Updates & Announcements

CreatorStudio (beta)

New Platform Feature
CreatorStudio (Beta) lets enterprise admins curate custom AppSec courses tailored to their team's skills, roles, and goals. Choose topics, set objectives, and generate full courses with lectures, slides, and challenges, no generic content, just what your org needs.
July 16, 2025

3 New Secure Coding Courses: TypeScript File & Parser Security

New Course
Secure your TypeScript apps against Path Traversal, XXE, and YAML Deserialization attacks. Learn hands-on techniques for safe file access, XML parsing, and YAML validation using real-world labs. Build hardened apps with Express and Node.js best practices.
July 9, 2025

4 New Secure Coding courses for TypeScript developers

New Course
Secure your TypeScript apps with 4 new hands-on courses covering CSRF, SSTI, Command Injection, and IDOR. Learn real-world defense strategies, from input validation to secure sessions and API design, to stop exploits before they start. Built for devs, taught through code.
June 23, 2025

Helm Security Fundamentals

New Course
Explore Helm 3 architecture, Charts, Repos, and Releases. Learn secure chart development, RBAC, and best practices through hands-on labs to streamline and secure your K8s deployments.
June 5, 2025

Attacking and Defending Client Side Template Injection in VueJS

New Course
Learn to exploit and defend against Client-Side Template Injection in Vue.js apps. This hands-on course walks you through real-world attack scenarios and defense techniques to secure dynamic templates and prevent malicious payload execution.
May 22, 2025

3 New Secure Coding courses for Typescript developers

New Course
Go beyond linting. These hands-on labs teach TypeScript teams to stop DOM XSS, Broken Object Authorization, and IDOR. Learn secure patterns with RBAC, CSPs, and middleware, all through real-world challenges and practical coding exercises.

3 New Secure Coding courses for Node.js developers

New Course
This 3-course bundle tackles Reflected XSS, DOM XSS, and NoSQL Injection with hands-on labs, real-world attack scenarios, and practical code-based lessons, built for fast, effective learning in modern stacks.
April 14, 2025

Amazon Detective: Advanced Security Investigation and Analysis

New Course
Learn to investigate incidents using behavior graphs, integrate with GuardDuty & Macie, and manage costs, built for cloud architects and security pros handling complex AWS threats.
March 31, 2025

Security Champions Training Level 1

New Journey
Upskill your devs to lead AppSec from the front. This hands-on journey covers threat modeling, injection flaws, SAST, SCA, container security, and more. Assign, track, and build Security Champions who write secure code from day one.
March 13, 2025

CloudFront Security

New Course
Secure your edge, defend your origin. Learn to simulate and stop real-world threats like cache poisoning and S3 takeovers. Dive into CloudFront architecture, AWS WAF configs, and hands-on labs to build strong, cost-effective edge defenses.
February 12, 2025

Secure by Design Journeys for Python, Ruby on Rails and Java Spring Boot developers

New Journey
Build security into your code from day one. These hands-on journeys teach you to identify, exploit, and fix real vulnerabilities, focusing on secure architecture, not just patches. Ideal for devs building APIs, web apps, or backend services.
January 14, 2025

OWASP Top 10 for Kotlin

New Journey
Build secure Kotlin apps with ease. This learning journey walks Kotlin developers through the OWASP Top 10, with hands-on lessons to spot, exploit, and fix real-world vulnerabilities. Master secure coding in Kotlin, one risk at a time.
December 12, 2024

Breaking and Defending Azure Storage

New Course
Learn to prevent SAS token leaks, access key misuse, and ransomware attacks. Get hands-on with access controls, encryption, monitoring, and real-world threat simulations to secure your Azure Blob Storage.
December 5, 2024

Learning Journeys

New Platform Feature
Cut the noise, learn what matters. Our curated journeys help teams master compliance (like PCI DSS) and role-specific skills with targeted training paths. Supports 12+ languages including Java Spring Boot, Golang, Python, Kotlin, and Node.js.
November 8, 2024

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Started Now
X
X
Copyright AppSecEngineer Β© 2025
X
Upcoming Bootcamp: Rapid Threat Modeling with GenAI and LLM Β | 24 - 25 July | Book your seat now